Create a Module properties XML file with the same name of the class (no package name) and use the extension .xml. You must create an XML file with this naming convention even if no states required
Based on this configuration file, the Authentication user interface will dynamically generate a login page.
You can define page states in the module properties file as shown in Creating a Module Properties File. Each callback element corresponds to one login page state. When an authentication process is invoked, Callback values will be generated from the user’s Login Module for each state. All login state definitions start with 1. The module controls the login process, and then determines what the next state is.
Auth_Module_Properties.dtd defines the data structure that will be used by each authentication module to specify its properties. Auth_Module_Properties.dtd provides definitions to initiate, construct and send required callbacks information to the Authentication graphical user interface. Auth_Module_Properties.dtd is stored in the <PRODUCT_DIR>/dtd directory.
<ModuleProperties moduleName="LoginModuleSample" version="1.0" > <Callbacks length="2" order="1" timeout="60" header="This is a sample login page"> <NameCallback> <Prompt> User Name </Prompt> </NameCallback> <NameCallback> <Prompt> Last Name </Prompt> </NameCallback> </Callbacks> <Callbacks length="1" order="2" timeout="60" header="You made it to page 2" > <PasswordCallback echoPassword="false" > <Prompt> Just enter any password </Prompt> </PasswordCallback> </Callbacks> </ModuleProperties> Module Configuration Sample
In this module configuration sample, page state one has two callbacks. The first callback is for user ID, and second is for Last Name. When the user fills in the callbacks, the following events occur:
The Callback values are sent to the module.
The process() routine validates the callback values.
The module writer sets the next page state to 2.
Page state 2 has one callback to request the user to enter a password. The process() routine is again called after the user submits the Callback values. If the module writer throws a LoginException, then an Authentication Failed page will be sent to the user. If no exception is thrown, the user is redirected to his or her default page.